Date: 26/01/2022
Email: Keep my email address private
**Your comments must be approved before they appear on the site.
4 + 8 = ?: (Required)
Enter the correct answer to the math question.

You are posting a comment about...
Don't forget basic physical security risks

It is easy to forget the information security risks associated with physical security.  Sophisticated hacks are more interesting than plain theft of computers or paper records.  In truth, electronic thefts often are responsible for the largest numbers of breached records.  However, plain old physical theft or loss shows up all the time on breach statistic web  sites.  For example, searching the breach database for 2010 shows that 47% of the 590 reported breaches were attributed to loss or theft of electronic or paper records. 


Geographic Information Systems software (GIS) is making it easier to evaluate these risks.  Sites like provide a great visual representation of local crime statistics.  Depending on the type of crimes reported, you may want to provide more physical security controls around your data (and personnel for that matter).


As an example, I looked at the crime statistics over a two month period from a major US city within a one mile radius downtown.  The high incidence of theft and robbery might make this not a good location for a call center.  A picture definitely communicates the risks better than any formal risk assessment!